<?php
include "header.php";
require_once "_utils/database.php";

if (isset($_GET["id"])) {
	$conn = open_db();
	$id = mysql_real_escape_string($_GET["id"]);
	if (isset($_GET["url"])){
		$url = mysql_real_escape_string(htmlspecialchars($_GET["url"]));
		$bio_query = mysql_query("update person2 set photo_url='$url' where person_id=$id");
		close_db($conn);
		header("Location: index.php?id=$id");
	} else {
		echo "
			<div id='add_photo_block'>
				<form action='" . getBasePath() ."/add_photo.php' method='get'>
					<div class='add_photo_text'>Insert a URL for the new photo:</div>
					<input class='url_box' type='text' name='url' />
					<input type='hidden' name='id' value='$id'></input>
					<input type='submit' value='Submit Photo' />
				</form>
			</div>
		";
	}
} else {
	echo "<center><h5>Error: This is not a valid page</h5></center>";
}

include "footer.php";
?>
